Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
File:                     36BC18E426EE11EF93DEE929C4F9AE02.roa (raw, json)
Hash identifier:          xhwuYw7pak84jlM63LHr7CHjEEYIBcB0b7ghxmdVT1A=
Subject key identifier:   5E:C5:CF:C3:81:24:FA:A2:B2:4B:DD:94:EE:35:06:0C:E7:6E:2C:AE
Certificate issuer:       /CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A
Certificate serial:       02
Authority key identifier: 22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
Signing time:             Mon 10 Jun 2024 05:56:43 +0000
ROA not before:           Mon 10 Jun 2024 05:56:43 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     152906
IP address blocks:        160.22.104.0/23 maxlen: 23
                          160.22.104.0/24 maxlen: 24
                          160.22.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jun 2024 11:38:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A
        Validity
            Not Before: Jun 10 05:56:43 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=6666959b-a366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0d:e3:7c:ff:6d:1e:04:7f:af:e4:15:ed:67:
                    0e:16:4a:2b:1d:f8:35:b3:c4:f2:26:97:ea:ab:ca:
                    6b:72:1e:b7:49:fa:b8:fa:b2:c1:51:40:e0:1d:51:
                    b2:e0:ee:4e:d6:e0:b3:54:01:d3:85:ed:c5:e9:e3:
                    4a:38:f2:57:6d:ae:56:d4:69:02:b7:c7:bb:96:fe:
                    b9:b1:26:bb:19:e3:bd:20:0b:cc:d6:14:c9:80:6c:
                    86:fd:80:8a:7d:fe:d2:13:ec:3c:1c:71:9d:48:0f:
                    c0:95:02:d6:0f:6f:ae:94:8c:cb:e7:cd:c4:3a:72:
                    c9:43:fe:3d:77:f3:ea:ff:39:a6:6f:aa:46:02:27:
                    70:df:fd:26:9a:11:b3:7d:1f:55:40:f9:33:a3:c4:
                    1a:bd:af:d1:0a:df:8c:11:1e:22:de:2c:36:88:11:
                    26:ff:2b:de:7a:69:56:59:73:15:be:e4:1d:52:cc:
                    a9:e1:a5:e2:d2:49:b9:70:e9:3a:f2:34:93:05:4c:
                    57:70:c2:21:9c:ec:88:0d:b4:3b:10:47:e9:dc:f6:
                    9a:6f:2b:27:9d:7b:ae:80:52:a6:6b:c6:90:ad:56:
                    a1:3d:a2:67:14:da:e2:d7:76:56:55:01:22:c4:19:
                    c7:d8:c7:d0:63:d3:d0:63:cf:c3:ca:20:cb:1d:68:
                    25:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:C5:CF:C3:81:24:FA:A2:B2:4B:DD:94:EE:35:06:0C:E7:6E:2C:AE
            X509v3 Authority Key Identifier:
                keyid:22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:68:7b:b2:d9:e4:15:75:14:73:d8:60:4f:6c:e8:98:45:5b:
         31:64:b9:0a:f8:2b:6c:c3:70:de:95:fd:98:1f:6b:69:85:0d:
         fb:b0:a8:8a:29:21:96:f3:6f:f5:dd:81:58:08:26:7a:6a:d4:
         16:71:6c:c2:83:24:9d:c7:d0:1a:d1:ee:ba:dc:03:1f:78:85:
         5f:04:4d:34:e9:07:ec:21:bb:49:0c:57:b8:5c:ad:d3:d5:00:
         e8:07:08:76:46:2a:52:e7:cc:4d:59:9b:e2:ba:14:9b:ce:a1:
         28:f6:fd:7e:67:45:0f:89:21:43:86:51:94:3d:2b:04:c6:fc:
         03:92:41:96:a4:ee:d7:49:1d:aa:83:18:6c:8f:b2:e8:ae:37:
         24:b4:b3:c4:c4:d6:f7:8d:ff:c6:c9:05:a7:61:cf:8b:aa:40:
         03:31:6a:fd:1c:2c:cf:ae:ad:69:94:9d:f3:94:78:1e:55:c6:
         e1:58:dd:0c:eb:68:0b:47:08:0f:42:fd:82:38:38:86:78:ce:
         1a:cd:b8:f8:f3:4c:98:29:90:da:12:d5:68:aa:6e:41:88:a4:
         cf:c4:cb:4d:9c:26:b8:50:07:48:1b:64:2f:1d:4b:36:71:8b:
         ee:f1:9c:0a:20:2c:49:97:8a:7f:d6:69:81:8c:b5:51:bf:94:
         77:f5:31:e0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
ODNEQzExMC8GA1UEBRMoMjI0RTY2OEY0MDU2MDFDQURDMzM5MTM4M0ZDQTk2REY5
NDY4RDk1QTAeFw0yNDA2MTAwNTU2NDNaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjY5NTliLWEzNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnDeN8/20eBH+v5BXtZw4WSisd+DWzxPIml+qrymtyHrdJ+rj6ssFRQOAdUbLg
7k7W4LNUAdOF7cXp40o48ldtrlbUaQK3x7uW/rmxJrsZ470gC8zWFMmAbIb9gIp9
/tIT7DwccZ1ID8CVAtYPb66UjMvnzcQ6cslD/j138+r/OaZvqkYCJ3Df/SaaEbN9
H1VA+TOjxBq9r9EK34wRHiLeLDaIESb/K956aVZZcxW+5B1SzKnhpeLSSblw6Try
NJMFTFdwwiGc7IgNtDsQR+nc9ppvKyede66AUqZrxpCtVqE9omcU2uLXdlZVASLE
GcfYx9Bj09Bjz8PKIMsdaCXLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXsXPw4Ek
+qKyS92U7jUGDOduLK4wHwYDVR0jBBgwFoAUIk5mj0BWAcrcM5E4P8qW35Ro2Vow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4M0RDLzk5Qzc0ODg4MjZF
RDExRUZCNEM5QkEyOEM0RjlBRTAyL0lrNW1qMEJXQWNyY001RTRQOHFXMzVSbzJW
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSWs1bWowQldBY3JjTTVFNFA4cVczNVJvMlZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODNEQy85OUM3NDg4ODI2RUQxMUVGQjRDOUJBMjhDNEY5QUUwMi8zNkJDMThFNDI2
RUUxMUVGOTNERUU5MjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWaDANBgkqhkiG9w0BAQsFAAOCAQEAgmh7stnkFXUUc9hg
T2zomEVbMWS5CvgrbMNw3pX9mB9raYUN+7CoiikhlvNv9d2BWAgmemrUFnFswoMk
ncfQGtHuutwDH3iFXwRNNOkH7CG7SQxXuFyt09UA6AcIdkYqUufMTVmb4roUm86h
KPb9fmdFD4khQ4ZRlD0rBMb8A5JBlqTu10kdqoMYbI+y6K43JLSzxMTW943/xskF
p2HPi6pAAzFq/Rwsz66taZSd85R4HlXG4VjdDOtoC0cID0L9gjg4hnjOGs24+PNM
mCmQ2hLVaKpuQYikz8TLTZwmuFAHSBtkLx1LNnGL7vGcCiAsSZeKf9ZpgYy1Ub+U
d/Ux4A==
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:31 2024 by rpki-client on console-ams.rpki-client.org